Founded in 2017, Stake.com is an online casino and sports betting platform that allows users to wager with crypto. The platform is co-owned by Australia’s youngest billionaire, Ed Craven, and co-founder Bijan Tehrani, which has quickly become the seventh-largest gambling group in terms of revenue.
Ed Craven, co-owner, confirmed via his X (formerly Twitter) account that Stake.com was responsible for 5.9% of all Bitcoin transactions in December 2022. Surprisingly, the platform accounted for 15.1% of all Litecoin and 12.3% of all Dogecoin transactions in the same month.
The premier crypto gambling site, Stake.com, seemingly became the victim of one of the biggest cybercrimes in 2023. On September 4th, the platform confirmed that several unauthorized transactions were made from its Ethereum, Polygon, and BSC wallets, leading to the platform temporarily disabling all deposits and withdrawals. Operations fully resumed several hours later, with a detailed account of the incident released.
Stake.com failed to disclose any details of the breach but confirmed that they would investigate the matter and all affected wallets would be up and running as soon as they’re restructured. BTC, LTC, XRP, EOS, TRX, and all other wallets remained fully operational- as stated via their X (Twitter) account.
The breach was reportedly detected in the early hours of Tuesday morning when multiple X (formerly Twitter) users claimed that Stake.com had suffered a material breach of $16 million and $25 million worth of digital assets.
The theft was allegedly discovered by Cyvers, a blockchain security company, which detected an unusual transaction worth $16 million. Blockchain analyst ZachXBT reported an additional $25.6 million in digital assets had been siphoned.
Hackers allegedly exploited “a leaked private key” to ascertain access to the platform's hot wallets, which hold the site’s digital assets. The hackers stole approximately $15.7 million worth of Ethereum, $17.8 million across the Binance Smart Chain, and a further $7.8 million in Polygon.
Approximately $41.3 million was transferred from Stake’s hot wallet, which is used to cover users’ payouts; however, the full amount of the stolen funds is unknown. The hackers subsequently converted the stolen funds into Ether and distributed the funds into several externally owned wallets.
A spokesperson for Stake later confirmed that only Stake’s hot wallet had been subjected to a cyberattack, which led to services temporarily being suspended to track down accounts that may be holding the funds. Four hours later, the platform took to their X account and stated:
“All services have resumed! Deposits & withdrawals are processing instantly for all currencies. We apologize for any inconvenience”.
Stake later assured its users that “There was no significant impact on service” and no client or customer has sustained any losses. The platform would further work with authorities to recover its stolen funds.
The hacking incident wasn’t the first of its kind. The cryptocurrency exchange platform “Alphapo” has fallen victim to $31 million in funds being hacked. Bovada and Ignition, two other notable crypto iGaming platforms, suffered a similar fate.
Crypto exchanges and trading platforms, such as Stake.com, have become targets for cybercriminals. The unregulated nature of crypto exchanges results in the platforms spending less funds on cybersecurity, which makes them easy targets for hackers.
Despite this, we at iPlayCrypto believe that situations like this can be avoided in the future, provided crypto exchanges and platforms utilize critical ownership systems with robust encryption protocols.
Security is a significant concern for any online financial institution, and it’s no different at crypto casinos. There’s always a risk of funds being hacked; however, several security measures exist to combat this.
One of the most crucial security aspects is the encryption of transactions, which prevents any unauthorized access to a gambler's funds or information. Crypto casinos can encrypt their platforms by simply converting a user’s plain text into alphanumeric format codes.
Furthermore, Bitcoin casinos can use digital signatures to verify the authenticity of every transaction. Digital signatures allow several parties to approve transactions, making it harder for hackers to siphon funds.
Public-key cryptography is still the best form of encryption at Bitcoin casinos. This form of encryption utilizes two keys, which are the private and public keys. These keys are used to encrypt and decrypt information.
Anyone with a public key can encrypt a message known as a ciphertext, while only the holder of a private key can decrypt the information. A key ownership system allows users to use their cryptocurrency on a site while still maintaining ownership, thus eliminating the possibility of being hacked.
Despite this, Stake’s “leaked private key” scenario calls for stricter regulations and security measures for all crypto platforms. However, Bitcoin casinos will remain the number one iGaming platform due to the high level of transparency and blockchain technology.